package com.oa.tools.beans;

import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
////import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
////import org.springframework.security.config.annotation.web.builders.HttpSecurity;
////import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
////import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
////import org.springframework.security.core.userdetails.UserDetailsService;
////import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * 安全控制中心
 */
@Configuration
//@EnableWebSecurity//@EnableWebMvcSecurity 注解开启Spring Security的功能
//@EnableGlobalMethodSecurity(prePostEnabled = true,jsr250Enabled = false)
public class WebSecurityConfig /*extends WebSecurityConfigurerAdapter*/ {/*
	
	@Autowired
	private AuthenticationSuccessHandler myAuthenticationSuccessHandler;

 
    private final UserDetailsService userDetailsService;
 
    public WebSecurityConfig(AnyUserDetailsService userDetailsService){
        this.userDetailsService = userDetailsService;
    }
 
  
 
    */
	
	/*@Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
		httpSecurity.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
		.authorizeRequests().anyRequest().permitAll();
    }*/
	
	/**
     * http.authorizeRequests()
     .anyRequest().authenticated()
     .and().formLogin().loginPage("/login")
     //设置默认登录成功跳转页面
     .defaultSuccessUrl("/index").failureUrl("/login?error").permitAll()
     .and()
     //开启cookie保存用户数据
     .rememberMe()
     //设置cookie有效期
     .tokenValiditySeconds(60 * 60 * 24 * 7)
     //设置cookie的私钥
     .key("")
     .and()
     .logout()
     //默认注销行为为logout，可以通过下面的方式来修改
     .logoutUrl("/custom-logout")
     //设置注销成功后跳转页面，默认是跳转到登录页面
     .logoutSuccessUrl("")
     .permitAll();
     * @param http
     * @throws Exception
     *//*
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()//authorizeRequests() 定义哪些URL需要被保护、哪些不需要被保护
                .antMatchers("/config1/**","/news/**","/blog/manage/**","/blog/create/**").authenticated()
                .anyRequest().permitAll()
                .and()
                .formLogin()
                .loginPage("/login")
                .successHandler(myAuthenticationSuccessHandler)//登陆成功处理
                .permitAll()
                .and()
                .logout()
                .permitAll()
                .and().csrf().disable();
    }

 
*/}
